a bug report

[hksoobe]

used UnivDisasm-master\GUI\ [1]. is right, [2]. is wrong [1]. 8B 0D 00 02 46 00 mov ecx,dword ds:[0x00460200] // this is Right

[2]. A1 14 01 46 00 mov eax, ds:0x0046014 //this is error
This should mov eax, dword ds:[0x0046014]

[MahdiSafsafi]

Hi hksoobe, [2] is correct ! This instruction uses offset instead of ModRm to access memory location... UnivDisasm differs between OFFSET and LEGACY_MEMORY address. From Intel documentation: Disassembling the same instruction using onlinedisassembler.com gives the same result as UnivDisasm. Please for more information refer to Intel documentation.

[hksoobe]

I don't know why you're differentiate them They work exactly the same

They show the same in OllyDBG. For example OllyDBG:

They show the same in Delphi XE. For example Delphi XE:

They show the same in IDA. For example IDA:

They are all unified display format If you have to distinguish, I think you can provide an option

[MahdiSafsafi]

Hi hksoobe, Thank you for your reply. The reason why I'am distinguishing them is that UnivDisasm follows Intel syntax ! If Intel syntax distinguished this instructions, UnivDisasm must do the same. In addition, UnivDisasm is a customisable disasm that means you can easy register your own syntax decoder (By doing that you can make all this instructions look the same so they appear like : mov reg,size[address]). I can't provide an option to disable them ... The only way is to register a new SyntaxDecoder (Please see "UnivDisasm.SyntaxManager.pas" and "UnivDisasm.Syntax.UnivSyntax.pas").

Reagrds, Mahdi.

[MahdiSafsafi]

Please check the latest commit, I included an update to provide a support for this request. Now, you can just include USO_OFFSET_AS_MEM option in SyntaxOptions and UnivDisasm will not make difference between offset and memory. So : A1 14 01 46 00 mov eax, ds:0x0046014 will become A1 14 01 46 00 mov eax,dword ptr ds:[0x00460114]

[hksoobe]

thank you!